From 46f52dd56d88029c834a537c5cc19a42c33efd31 Mon Sep 17 00:00:00 2001
From: Deon George <deon@dege.au>
Date: Sat, 18 May 2024 12:26:00 +1000
Subject: [PATCH] Only auth AKAs in the same domain as us

---
 app/Classes/Protocol/Binkp.php |  9 +++++++--
 app/Classes/Protocol/EMSI.php  | 14 +++++++++++++-
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/app/Classes/Protocol/Binkp.php b/app/Classes/Protocol/Binkp.php
index ee3afa5..eead618 100644
--- a/app/Classes/Protocol/Binkp.php
+++ b/app/Classes/Protocol/Binkp.php
@@ -696,8 +696,13 @@ final class Binkp extends BaseProtocol
 					$this->node->ftn_other = $rem_aka;
 					continue;
 
+				// If we only present limited AKAs dont validate password against akas outside of the domains we present
+				} elseif (is_null(our_address($o))) {
+					Log::alert(sprintf('%s:/ AKA domain [%s] is not in our domain(s) [%s] - ignoring',self::LOGKEY,$o->zone->domain->name,our_address()->pluck('zone.domain.name')->unique()->join(',')));
+					continue;
+
 				} elseif (! $o->active) {
-					Log::alert(sprintf('%s:/ AKA is not active [%s], ignoring',self::LOGKEY,$rem_aka));
+					Log::alert(sprintf('%s:/ AKA is not active [%s] - ignoring',self::LOGKEY,$rem_aka));
 					continue;
 
 				} else {
@@ -705,7 +710,7 @@ final class Binkp extends BaseProtocol
 				}
 
 			} catch (InvalidFTNException $e) {
-				Log::error(sprintf('%s:! AKA is INVALID [%s] (%s), ignoring',self::LOGKEY,$rem_aka,$e->getMessage()));
+				Log::error(sprintf('%s:! AKA is INVALID [%s] (%s) - ignoring',self::LOGKEY,$rem_aka,$e->getMessage()));
 
 				continue;
 
diff --git a/app/Classes/Protocol/EMSI.php b/app/Classes/Protocol/EMSI.php
index 1cf3bd9..82d2e42 100644
--- a/app/Classes/Protocol/EMSI.php
+++ b/app/Classes/Protocol/EMSI.php
@@ -319,11 +319,23 @@ final class EMSI extends BaseProtocol implements CRCInterface,ZmodemInterface
 			Log::debug(sprintf('%s: - Parsing AKA [%s]',self::LOGKEY,$rem_aka));
 
 			try {
-				if (! ($o = Address::findFTN($rem_aka))) {
+				if (! ($o = Address::findFTN($rem_aka,TRUE))) {
 					Log::debug(sprintf('%s: ? AKA is UNKNOWN [%s]',self::LOGKEY,$rem_aka));
 
 					$this->node->ftn_other = $rem_aka;
 					continue;
+
+				// If we only present limited AKAs dont validate password against akas outside of the domains we present
+				} elseif (is_null(our_address($o))) {
+					Log::alert(sprintf('%s:/ AKA domain [%s] is not in our domain(s) [%s] - ignoring',self::LOGKEY,$o->zone->domain->name,our_address()->pluck('zone.domain.name')->unique()->join(',')));
+					continue;
+
+				} elseif (! $o->active) {
+					Log::alert(sprintf('%s:/ AKA is not active [%s] - ignoring',self::LOGKEY,$rem_aka));
+					continue;
+
+				} else {
+					Log::info(sprintf('%s:- Got AKA [%s]',self::LOGKEY,$rem_aka));
 				}
 
 			} catch (InvalidFTNException $e) {